Menu

ENTRY #5

This is my fifth entry on my INVESTI blog. This first term is coming to an end because we only have 3 more weeks to go 😦 But I know that these coming 3 weeks are going to be fulled with new knowledge and lessons for me to learn 🙂 What we did this week was an exercise on the case study of company ABC. (This company is always a victim HAHAHAHA) Now there are 3 situations according to the exercise. The first situation was that there was a ransomware that was spread across the network of the company. It had infected 50 computers and they ask for 50,000 pesos ransom for each computer which bring to a total of a quarter of a million pesos (WOW). Now even though this situation is fictional, there are cases that in which companies are attacked with viruses and malware so that it could damage the company. With this type of malware installed on the computer, either pay the ransom being asked or just format the drive. If there are unnecessary files on the computer, the drive could be formatted. If there are important files at the computer with no back up of those files, you are left to pay the price of the ransom. The payment is made through bitcoin so it could not be traced back to the owner of the bitcoin wallet.

Now I want to talk about beef. Not beef the meat but BeEF which means Browser Exploitation Framework. This is a useful tool to use the exploitations available in many internet browsers. Google Chrome, Mozilla FireFox, and even Internet Explorer. These exploits ranges from getting your history to accessing your webcam through a fake permission flash pop-up. This is useful to extract information about a target without him/her knowing about it. To start using BeEF, you need to “hook” a user so that you could exploit his/her browsing session of the browser. After the “hook” part, the exploitations will begin. I am still learning more about BeEf and I will soon use other tools that are available in the Kali Linux operating system because after installing Kali Linux, I was surprised because there were already pre-installed tools for pentesting, hacking networks and many more. I got excited when I saw the tools and I’m ready to explore the tools individuality. I know that I can do this and with the help of Adrian, we could learn those tools together.